We sat down with Insurance Advisernet cyber security expert, Steve Dymond for some quick-fire advice on ensuring you’re protected from cyber scams.
So Steve, what are the key things you’re seeing companies do or not do that is compromising their cyber security?
Complacency is a real issue. There are so many other things to worry about when running a business that cyber security often doesn’t make it onto people’s ‘action’ lists. People also assume that their IT support has it covered, or that because they have installed some anti-virus that they’re safe.
The average small business also just doesn’t know enough about the risks and how to mitigate them – lack of readily available advice that is personalised to that business is a problem
What impact has Covid had on cyber security? Have new issues popped up because of the pandemic?
Yes, Covid has caused headaches for IT teams and cyber security teams everywhere. The issues are two-fold. Firstly, there are simply loads more attack vectors with so many people working from remote locations that may be unprotected or un-monitored, or attached to insecure networks. Secondly, cyber criminals have really ramped up their game as a result – there has been a large spike in cyber activity since Covid.
Do companies in general understand the risks? Or is there sometimes a head in sand attitude?
As above, complacency is a real issue. I’d like to think people are starting to take it more seriously though – it should be considered as important and fundamental as how you physically secure your premises against theft.
It seems that we’re grappling with a many-headed monster here anyway - you get to grips with one sort of scam and five others pop up. Is that a fair assessment?
Yes and no – for small businesses, there are some key types of attacks that simply take on new faces over time, be it fake emails from the post office, the bank and so on. With the right blend of cyber security and employee training, it’s not that hard to mitigate a large portion of these types of attacks.
How do companies best stay up to date with emerging cyber risks so they stay protected?
There are plenty of resources online that they can tap into, but it can be hard to navigate around and know what’s an issue and what isn’t and what’s a sales pitch versus a real potential solution for them.
A lot of governments are putting up official cyber security resources too, which can be helpful, but businesses really need tailored advice to understand the specific risks they face and what they can do about them. This either needs to be championed by someone internally that is given accountability and ownership, or use an external person – the right insurance broker, for example, who knows about these things, can prove very useful.
General Advice Warning
The information provided is to be regarded as general advice. Whilst we may have collected risk information, your personal objectives, needs or financial situations were not taken into account when preparing this information. We recommend that you consider the suitability of this general advice, in respect of your objectives, financial situation and needs before acting on it. You should obtain and consider the relevant product disclosure statement before making any decision to purchase this financial product.